Lucene search
K

389 matches found

UbuntuCve
UbuntuCve
added 2006/10/17 9:7 p.m.27 views

CVE-2006-5330

CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks vi...

5CVSS6AI score0.22602EPSS
Exploits0References1
CVE
CVE
added 2006/10/17 9:0 p.m.102 views

CVE-2006-5330

The CVE-2006-5330 issue affects Adobe Flash Player plugins prior to 7.0.69 (and earlier variants) across Windows, Linux, Solaris, and macOS, causing remote attackers to modify HTTP headers and perform HTTP Request Splitting via CRLF in arguments to ActionScript functions (XML.addRequestHeader, XM...

5CVSS8AI score0.22602EPSS
Exploits0References24Affected Software1
Cvelist
Cvelist
added 2006/10/17 9:0 p.m.33 views

CVE-2006-5330

CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks vi...

8AI score0.22602EPSS
Exploits0References24
securityvulns
securityvulns
added 2006/08/17 12:0 a.m.42 views

Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"

Sending arbitrary HTTP requests with Flash 7/8 +IE 6.0 Amit Klein, August 2006 The trick ========= In 1, I showed how to forge parts of HTTP requests containing CRs and LFs using Flash. In that write-up, the data was part of the HTTP body section. However, combining the Content-Length overriding...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/03/21 12:0 a.m.22 views

HP-UX PHSS_34204 : HP-UX VirtualVault running Apache 1.3.X Remote Unauthorized Access (HPSBUX02101 SSRT051128 rev.1)

s700800 11.04 Webproxy server 2.0 update : A security vulnerability has been identified in Apache HTTP server versions prior to Apache 1.3.34 that may allow HTTP Request Splitting/Spoofing attacks, resulting in remote unauthorized access. References: Apache HTTP Server version 1.3.34 announcement...

4.3CVSS8AI score0.20461EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2005/11/07 12:0 a.m.35 views

Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : apache (SSA:2005-310-04)

New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix potential security issues: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks. Added...

4.3CVSS8.2AI score0.20461EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/09/23 4:0 a.m.23 views

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

6.5AI score0.01789EPSS
Exploits0References31
CVE
CVE
added 2005/09/23 4:0 a.m.106 views

CVE-2005-2703

CVE-2005-2703 affects Firefox up to 1.0.7 and Mozilla Suite up to 1.7.12. The issue lets a remote attacker modify HTTP headers of XML HTTP requests made via XMLHttpRequest, potentially enabling attacks such as HTTP request smuggling or splitting. This is triggered by how XMLHttpRequests are handl...

5CVSS6.5AI score0.01789EPSS
Exploits0References31Affected Software2
RedHat Linux
RedHat Linux
added 2005/09/22 8:36 p.m.6 views

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

5CVSS5.9AI score0.01789EPSS
Exploits0References4
Rows per page
Query Builder